
Description

A weakness has been identified in huggingface smolagents 1.25.0.dev0. It affects the functions evaluate_augassign, evaluate_call and evaluate_with in the file src/smolagents/local_python_executor.py and stems from an incomplete fix for CVE-2025-9959: the earlier patch did not close every evaluator path, so manipulation of the code handed to these evaluator functions still results in code injection. The attack can be initiated remotely; the CVSS vectors below record that user interaction is required. An exploit has been made available to the public and could be used in attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Status: PUBLISHED | Reserved 2026-03-27 | Published 2026-03-27 | Updated 2026-03-31 | Assigner: VulDB

Severity

MEDIUM 5.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P)
MEDIUM 6.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R)
MEDIUM 6.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R)
7.5 (CVSS 2.0: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR)

Problem types

Code Injection

Injection

Product status

1.25.0.dev0
affected
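The advisory names a single affected version string, and the exact match matters because 1.25.0.dev0 is a development snapshot that sorts below the 1.25.0 release. The following check is an added example, not VulDB's or Hugging Face's code: it reads the installed smolagents version from package metadata, orders versions with a small PEP 440 subset parser (release segment plus one dev/pre/post tag), and reports whether the install is the version this page lists as affected. It assumes nothing beyond the page: versions other than 1.25.0.dev0 are reported as "not listed" or "older than advisory" rather than as safe, since no fixed version is stated here.

```python
"""Match an installed smolagents against the version this advisory lists.

Added example, not project code. Only the version string named under
"Product status" (1.25.0.dev0) is treated as affected; the page states no
fixed version, so every other version is reported as unlisted, not safe.
"""
from importlib import metadata
import re

# From the advisory's "Product status" section.
AFFECTED = ("1.25.0.dev0",)

# Release segment, optionally followed by one tag: a/b/rc (pre), dev, or post.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:\.?(a|b|rc|dev|post)(\d*))?$")

# Ordering of tags for the same release: dev < a < b < rc < final < post.
_TAG_RANK = {"dev": 0, "a": 1, "b": 2, "rc": 3, "": 4, "post": 5}


def parse_version(text):
    """Return (release tuple padded to 3 parts, tag, tag number)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unsupported version string: {text!r}")
    release = tuple(int(part) for part in m.group(1).split("."))
    release = release + (0,) * max(0, 3 - len(release))  # 1.25 == 1.25.0
    tag = m.group(2) or ""
    number = int(m.group(3) or 0)
    return release, tag, number


def version_key(text):
    """Sort key so that 1.24.9 < 1.25.0.dev0 < 1.25.0rc1 < 1.25.0 < 1.25.0.post1."""
    release, tag, number = parse_version(text)
    return (release, _TAG_RANK[tag], number)


def assess(installed):
    """Classify an installed version against the advisory.

    'affected'            exact match with a listed version
    'older-than-advisory' sorts below the listed version; not covered by
                          this page, verify separately against CVE-2025-9959
    'not-listed'          newer or different; the page names no fixed version
    """
    key = version_key(installed)
    if any(key == version_key(v) for v in AFFECTED):
        return "affected"
    if key < min(version_key(v) for v in AFFECTED):
        return "older-than-advisory"
    return "not-listed"


def installed_version(distribution="smolagents"):
    """Version string from package metadata, or None if not installed."""
    try:
        return metadata.version(distribution)
    except metadata.PackageNotFoundError:
        return None


if __name__ == "__main__":
    current = installed_version()
    if current is None:
        print("smolagents is not installed in this environment")
    else:
        print(f"smolagents {current}: {assess(current)}")
```

Run it inside the environment that hosts the agent; a result of "affected" means the installed build is the one this advisory covers, while the other two verdicts only say the page makes no statement about that version.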

Timeline

2026-03-27:Advisory disclosed
2026-03-27:VulDB entry created
2026-03-27:VulDB entry last update

Credits

Eric-z (VulDB User) reporter

VulDB coordinator

References

vuldb.com/?id.353840 (VDB-353840 | huggingface smolagents Incomplete Fix CVE-2025-9959 local_python_executor.py evaluate_with code injection) vdb-entry technical-description

vuldb.com/?ctiid.353840 (VDB-353840 | CTI Indicators (IOB, IOC, TTP, IOA)) signature permissions-required

vuldb.com/?submit.777623 (Submit #777623 | HuggingFace smolagents 1.25.0.dev0 CWE-693) third-party-advisory

vuldb.com/?submit.777643 (Submit #777643 | HuggingFace smolagents 1.25.0.dev0 CWE-693 (Duplicate)) third-party-advisory

vuldb.com/?submit.777644 (Submit #777644 | HuggingFace smolagents 1.25.0.dev0 CWE-693 (Duplicate)) third-party-advisory

gist.github.com/YLChen-007/7146f45960f79bc1e2976fed526e0a9b related

gist.github.com/YLChen-007/35b7d46e892266a0ed6dbe57802858be exploit

cve.org (CVE-2026-4963)

nvd.nist.gov (CVE-2026-4963)
